add node/{node}/certificates api call

API like in PVE:

GET    .../info             => current cert information
POST   .../custom           => upload custom certificate
DELETE .../custom           => delete custom certificate
POST   .../acme/certificate => order acme certificate
PUT    .../acme/certificate => renew expiring acme cert

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller
2021-05-03 11:39:55 +02:00
committed by Dietmar Maurer
parent d4b84c1dec
commit 4088d5bc62
3 changed files with 597 additions and 2 deletions


@ -187,12 +187,16 @@ pub fn update_self_signed_cert(force: bool) -> Result<(), Error> {
let x509 = x509.build();
let cert_pem = x509.to_pem()?;
set_proxy_certificate(&cert_pem, &priv_pem)?;
set_proxy_certificate(&cert_pem, &priv_pem, false)?;
Ok(())
}
pub(crate) fn set_proxy_certificate(cert_pem: &[u8], key_pem: &[u8]) -> Result<(), Error> {
pub(crate) fn set_proxy_certificate(
cert_pem: &[u8],
key_pem: &[u8],
reload: bool,
) -> Result<(), Error> {
let backup_user = crate::backup::backup_user()?;
let options = CreateOptions::new()
.perm(Mode::from_bits_truncate(0o0640))
@ -206,5 +210,15 @@ pub(crate) fn set_proxy_certificate(cert_pem: &[u8], key_pem: &[u8]) -> Result<(
.map_err(|err| format_err!("error writing certificate private key - {}", err))?;
replace_file(&cert_path, &cert_pem, options)
.map_err(|err| format_err!("error writing certificate file - {}", err))?;
if reload {
reload_proxy()?;
}
Ok(())
}
pub(crate) fn reload_proxy() -> Result<(), Error> {
crate::tools::systemd::reload_unit("proxmox-backup-proxy")
.map_err(|err| format_err!("error signaling reload to pbs proxy: {}", err))
}
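Review bot: In `set_proxy_certificate`, `reload_proxy()?` runs only after both files have been replaced, so an `Err` from the reload is returned for a certificate that is already installed on disk; a caller such as the custom-certificate upload named in the commit message cannot tell this apart from a failed write. I would make that state explicit in the error, e.g. `reload_proxy().map_err(|err| format_err!("certificate installed, but {}", err))?;`, and add a doc comment on the function saying what `reload` does and that the key appears to be written before the certificate, as two separate replacements rather than one atomic step. Nothing in the visible lines checks that `key_pem` belongs to `cert_pem` before the proxy is reloaded with them; if the callers in the other changed files do not check this either, a mismatched upload would only surface when the proxy reloads. The part of the function between the two hunks, including the key write itself, is outside the visible lines.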